I installed OpenVPN on my Opensips server in order to test a VPN solution for NAT and firewall traversal.
The VPN tunnel between my server and the clients is established, but the problem is that Opensips seems to be unable to listen on the virtual interface created by OpenVPN (tun0).
I tried several configurations (listen=udp:10.8.0.1:5060, listen=tun0:5060, no listen parameter in order to bind on all interfaces) but none of them worked, Wireshark shows me that the REGISTER messages are received on the Opensips server but they don't seem to be seen by Opensips.
Any idea ?
I’ve had a bad experience with communication security. I don’t need too complicated system like Asterisk. I need safe communication only among several people. Some of them behind the NAT. For this purpose
1. I’ve setup routed OpenVPN server with this options: protocol - udp, device - tun, network - 10.8.0.0 255.255.255.0, compression - comp-lzo, then finely reniced openvpn priority to higher
2. run rtpproxy with -l 10.8.0.1 option
3. run opensips which listens udp:10.8.0.1:5060
It is working fine, but very sensitive to the connection quality.
Of cause OpenVPN tunneling should avoid using rtpproxy but I’m afraid Windows and other software will fill VPN connection with collateral junk. I haven’t noticed any improvement when tried client-to-client VPN option.
In case any OpenVPN and opensips guru drop into this topic please help with numerous OpenVPN and opensips options to improve secure communication.
Try disabling compression and use BC-CBC (Blowfish) encryption (faster).
Although I don't know much Opensips yet, but if it uses broadcasting as some other VoIP
engines (and you need it), you'll be obliged to switch to bridged mode.